Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - emerica

Pages: [1] 2

Tech Clinic / Sudden problems with Windows

« on: June 13, 2008, 04:18:39 PM »

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:29:06 PM, on 6/13/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\Drivers\WTSRV.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\system32\WTClient.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\WhatPulse\WhatPulse.exe
C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe
C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Orb Networks\Orb\bin\Orb.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Vidalia Bundle\Tor\tor.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Aqua Dock\Aqua Dock.exe
C:\Program Files\Trillian\trillian.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox2\firefox.exe
C:\WINDOWS\System32\TuneUpDefragService.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.picture.com/voteforme/photovote...;LVT=10&CK=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [Aqua Dock] C:\Program Files\Aqua Dock\Aqua Dock.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [WTClient] WTClient.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [Trillian] C:\Program Files\Trillian\trillian.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe
O4 - HKCU\..\Run: [Orb] C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Privoxy.lnk = C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O20 - AppInit_DLLs: wbsys.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoToMyPC - Unknown owner - C:\Program Files\Citrix\GoToMyPC\g2svc.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE

--
End of file - 9535 bytes

Tech Clinic / Sudden problems with Windows

« on: June 11, 2008, 09:55:32 PM »

ComboFix:

ComboFix 08-06-10.5 - Mike 2008-06-11 22:55:00.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1393 [GMT -4:00]
Running from: C:\Documents and Settings\Mike\My Documents\Downloads\ComboFix.exe
* Created a new restore point

[color=\"red\"]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/color]
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\pskill.exe

.
((((((((((((((((((((((((( Files Created from 2008-05-12 to 2008-06-12 )))))))))))))))))))))))))))))))
.

2008-06-11 17:53 . 2008-06-11 17:53   <DIR>   d--------   C:\Deckard
2008-06-11 16:28 . 2008-06-11 16:28   <DIR>   d--------   C:\Program Files\Trend Micro
2008-06-11 02:39 . 2008-04-14 07:01   272,128   ---------   C:\WINDOWS\system32\drivers\bthport.sys
2008-06-11 02:39 . 2008-04-14 07:01   272,128   -----c---   C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-02 21:59 . 2008-06-11 15:36   <DIR>   d--------   C:\Documents and Settings\Mike\Application Data\tor
2008-06-02 21:58 . 2008-06-02 21:58   <DIR>   d--------   C:\Program Files\Vidalia Bundle
2008-06-02 21:58 . 2008-06-11 15:02   <DIR>   d--------   C:\Documents and Settings\Mike\Application Data\Vidalia
2008-05-26 22:04 . 2008-05-26 22:04   <DIR>   d--------   C:\Program Files\Windows Media Connect 2
2008-05-26 22:03 . 2008-05-26 22:03   <DIR>   d--------   C:\WINDOWS\system32\drivers\UMDF
2008-05-26 21:31 . 2008-05-26 21:31   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-05-16 15:17 . 2008-05-16 15:17   <DIR>   d--------   C:\Program Files\Orb Networks
2008-05-16 15:17 . 2008-05-16 15:18   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\OrbNetworks

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-12 02:56   477,984   --sha-w   C:\WINDOWS\system32\drivers\fidbox2.dat
2008-06-12 02:56   287,354,400   --sha-w   C:\WINDOWS\system32\drivers\fidbox.dat
2008-06-12 02:53   ---------   d-----w   C:\Program Files\Trillian
2008-06-12 02:52   ---------   d-----w   C:\Documents and Settings\Mike\Application Data\uTorrent
2008-06-11 22:46   ---------   d-----w   C:\Program Files\Mozilla Firefox2
2008-06-11 19:01   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-06-11 07:33   45,728   --sha-w   C:\WINDOWS\system32\drivers\fidbox2.idx
2008-06-11 07:33   3,847,220   --sha-w   C:\WINDOWS\system32\drivers\fidbox.idx
2008-06-10 21:24   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-06-04 19:05   ---------   d-----w   C:\Program Files\LIVEUPDATE
2008-06-03 02:50   ---------   d-----w   C:\Program Files\TrackMania Nations ESWC
2008-05-29 17:43   88,774   ----a-w   C:\WINDOWS\system32\drivers\klick.dat
2008-05-28 13:58   96,966   ----a-w   C:\WINDOWS\system32\drivers\klin.dat
2008-05-28 13:58   112,144   ----a-w   C:\WINDOWS\system32\drivers\kl1.sys
2008-05-08 12:28   202,752   ----a-w   C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:18   1,287,680   ----a-w   C:\WINDOWS\system32\quartz.dll
2008-05-02 20:04   ---------   d-----w   C:\Documents and Settings\Mike\Application Data\Azureus
2008-04-28 22:20   ---------   d-----w   C:\Documents and Settings\Mike\Application Data\LimeWire
2008-04-28 21:59   ---------   d-----w   C:\Program Files\Opera
2008-04-28 21:35   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\Bluetooth
2008-04-28 19:41   ---------   d-----w   C:\Documents and Settings\Mike\Application Data\InstallShield Installation Information
2008-04-28 19:31   ---------   d-----w   C:\Program Files\Unreal Tournament 3
2008-04-28 19:30   ---------   d-----w   C:\Program Files\Common Files\Wise Installation Wizard
2008-04-28 19:30   ---------   d-----w   C:\Program Files\AGEIA Technologies
2008-04-28 19:16   ---------   d-----w   C:\Program Files\Azureus
2008-04-26 01:37   ---------   d-----w   C:\Program Files\Safari
2008-04-26 01:36   ---------   d-----w   C:\Program Files\Apple Software Update
2008-04-24 19:28   ---------   d-----w   C:\Program Files\TI Education
2008-04-24 19:28   ---------   d-----w   C:\Program Files\Common Files\TI Shared
2008-04-21 07:04   659,456   ----a-w   C:\WINDOWS\system32\wininet.dll
2008-04-17 01:45   ---------   d-----w   C:\Program Files\IDoser v4
2008-04-16 23:09   ---------   d-----w   C:\Program Files\SBaGen
2008-04-14 11:19   ---------   d-----w   C:\Program Files\Purple Ghost
2008-04-14 11:19   ---------   d-----w   C:\Documents and Settings\Mike\Application Data\Purple Ghost Software, Inc
2008-04-14 11:19   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\Purple Ghost Software, Inc
2008-04-12 03:19   ---------   d-----w   C:\Documents and Settings\Mike\Application Data\dvdcss
2008-03-27 08:12   151,583   ----a-w   C:\WINDOWS\system32\msjint40.dll
2008-03-19 09:47   1,845,248   ----a-w   C:\WINDOWS\system32\win32k.sys
2008-01-25 02:07   3,902,784   ----a-w   C:\Documents and Settings\Mike\gosetup.exe
2008-01-16 23:29   22,328   ----a-w   C:\Documents and Settings\Mike\Application Data\PnkBstrK.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 08:00 15360]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-01-10 19:16 32768]
"TuneUp MemOptimizer"="C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" [2008-01-08 14:31 196864]
"Trillian"="C:\Program Files\Trillian\trillian.exe" [2007-12-11 01:00 1873280]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-01-03 09:54 486856]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-10-09 12:28 139264]
"NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 20:25 81920]
"WhatPulse"="C:\Program Files\WhatPulse\WhatPulse.exe" [2006-08-21 13:48 665600]
"Orb"="C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" [2008-03-31 21:54 507904]
"Vidalia"="C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe" [2007-11-22 17:49 12889088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 02:41 8523776]
"nwiz"="nwiz.exe" [2007-12-05 02:41 1626112 C:\WINDOWS\system32\nwiz.exe]
"SkyTel"="SkyTel.EXE" [2006-05-17 14:04 2879488 C:\WINDOWS\SkyTel.exe]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 01:47 31016]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 17:48 479232]
"RTHDCPL"="RTHDCPL.EXE" [2007-01-31 14:54 16116224 C:\WINDOWS\RTHDCPL.exe]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2007-08-06 20:05 200704]
"BtTray"="C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe" [2007-09-10 12:08 258134]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 17:40 155648]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 02:41 81920]
"Openwares LiveUpdate"="C:\Program Files\LiveUpdate\LiveUpdate.exe" [2003-12-13 13:17 61440]
"Aqua Dock"="C:\Program Files\Aqua Dock\Aqua Dock.exe" [2003-11-01 08:58 386560]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-05-20 15:46 28160 C:\WINDOWS\KHALMNPR.Exe]
"WTClient"="WTClient.exe" [2007-04-11 12:27 40960 C:\WINDOWS\system32\WTClient.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-01-10 19:16:38 450560]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-01-10 19:15:33 450560]
Privoxy.lnk - C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe [2006-11-20 10:30:54 250368]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="C:\\Documents and Settings\\All Users\\Application Data\\TuneUp Software\\TuneUp Utilities\\WinStyler\\tu_logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToMyPC]
C:\Program Files\Citrix\GoToMyPC\G2WinLogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll 2005-01-31 15:13 49152 C:\PROGRA~1\COMMON~1\Stardock\MCPStub.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll 2008-01-14 02:01 176128 C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
"Comrade.exe"=C:\Program Files\GameSpy\Comrade\Comrade.exe
"Aim6"="C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\UT2004Demo\\System\\UT2004.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Trillian\\trillian.exe"=
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe"=
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\Joost\\xulrunner\\tvprunner.exe"=
"C:\\Program Files\\mIRC\\mirc.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Unreal Tournament 3\\Binaries\\UT3.exe"=
"C:\\Program Files\\Orb Networks\\Orb\\bin\\Orb.exe"=
"C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbTray.exe"=
"C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbStreamerClient.exe"=

R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-10-18 17:22]
R2 BlueSoleilCS;BlueSoleilCS;C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2007-09-14 10:44]
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2004-08-04 08:00]
R3 BsHelpCS;BsHelpCS;C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [2007-08-17 16:58]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service;C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2007-04-17 07:58]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 15:58]
R3 PTSimBus;PenTablet Bus Enumerator;C:\WINDOWS\system32\DRIVERS\PTSimBus.sys [2007-06-07 13:16]
R3 PTSimHid;PenTablet Simulated HID MiniDriver;C:\WINDOWS\system32\DRIVERS\PTSimHid.sys [2007-04-23 11:28]
S3 MaRdPnp;MaRdPnp;C:\WINDOWS\system32\DRIVERS\MaRdP2K.sys [2005-05-03 03:20]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-03-02 15:05]
S4 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 17:38]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ad1e885f-c08b-11dc-b846-001d601fbf68}]
\Shell\AutoRun\command - E:\LaunchU3.exe -a

*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
"2008-06-06 21:16:22 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe
"2008-06-06 14:52:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-11 22:56:50
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-06-11 22:57:47
ComboFix-quarantined-files.txt 2008-06-12 02:57:28

Pre-Run: 159,004,246,016 bytes free
Post-Run: 158,989,434,880 bytes free

186   --- E O F ---   2008-06-11 07:27:38

HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:05:34 PM, on 6/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\Drivers\WTSRV.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\system32\WTClient.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\WhatPulse\WhatPulse.exe
C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe
C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Orb Networks\Orb\bin\Orb.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Vidalia Bundle\Tor\tor.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox2\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.picture.com/voteforme/photovote...;LVT=10&CK=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [Aqua Dock] C:\Program Files\Aqua Dock\Aqua Dock.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [WTClient] WTClient.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [Trillian] C:\Program Files\Trillian\trillian.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe
O4 - HKCU\..\Run: [Orb] C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Privoxy.lnk = C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O18 - Protocol: bw+0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: offline-8876480 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: wbsys.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoToMyPC - Unknown owner - C:\Program Files\Citrix\GoToMyPC\g2svc.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Mike/LOCALS~1/Temp/msohtmlclip1/01/clip_image002.jpg

--
End of file - 21575 bytes

Tech Clinic / Sudden problems with Windows

« on: June 11, 2008, 05:35:35 PM »

MAIN:

Deckard's System Scanner v20071014.68
Run by Mike on 2008-06-11 18:42:13
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

-- Last 5 Restore Point(s) --
94: 2008-06-11 21:54:57 UTC - RP192 - Deckard's System Scanner Restore Point
93: 2008-06-11 07:00:33 UTC - RP191 - Software Distribution Service 3.0
92: 2008-06-11 03:15:52 UTC - RP190 - Restore Operation
91: 2008-06-10 21:23:09 UTC - RP189 - Software Distribution Service 3.0
90: 2008-06-10 05:14:15 UTC - RP188 - System Checkpoint

-- First Restore Point --
1: 2008-03-14 08:25:11 UTC - RP99 - System Checkpoint

Backed up registry hives.
Performed disk cleanup.

-- HijackThis (run as Mike.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:42:53 PM, on 6/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\Drivers\WTSRV.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\system32\WTClient.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\WhatPulse\WhatPulse.exe
C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe
C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Orb Networks\Orb\bin\Orb.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Vidalia Bundle\Tor\tor.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Documents and Settings\Mike\My Documents\Downloads\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Mike.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.picture.com/voteforme/photovote...;LVT=10&CK=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [Aqua Dock] C:\Program Files\Aqua Dock\Aqua Dock.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [WTClient] WTClient.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [Trillian] C:\Program Files\Trillian\trillian.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe
O4 - HKCU\..\Run: [Orb] C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Privoxy.lnk = C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O18 - Protocol: bw+0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: offline-8876480 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: wbsys.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoToMyPC - Unknown owner - C:\Program Files\Citrix\GoToMyPC\g2svc.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Mike/LOCALS~1/Temp/msohtmlclip1/01/clip_image002.jpg

--
End of file - 21355 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

backup-20080611-163647-237 O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

-- File Associations -----------------------------------------------------------

All associations okay.

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - c:\windows\system32\drivers\sfdrv01.sys <Not Verified; Protection Technology; StarForce Protection System>
R0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - c:\windows\system32\drivers\sfhlp02.sys <Not Verified; Protection Technology; StarForce Protection System>
R0 sfvfs02 (StarForce Protection VFS Driver (version 2.x)) - c:\windows\system32\drivers\sfvfs02.sys <Not Verified; Protection Technology; StarForce Protection System>
R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
R2 MaVctrl - c:\windows\system32\drivers\mavc2k.sys <Not Verified; Mobile Action Technology Inc.; Handset Manager>
R3 NVR0Dev - c:\windows\nvoclock.sys <Not Verified; NVidia Corp.; NVidia System Utility Driver>
R3 PTSimBus (PenTablet Bus Enumerator) - c:\windows\system32\drivers\ptsimbus.sys <Not Verified; PenTablet Driver; PenTablet Bus enumerator>
R3 PTSimHid (PenTablet Simulated HID MiniDriver) - c:\windows\system32\drivers\ptsimhid.sys <Not Verified; PenTablet Driver; PenTablet Hid MiniDriver for Win2000/XP/Vista>
R3 TClass2k (Tablet Class Driver) - c:\windows\system32\drivers\tclass2k.sys <Not Verified; Tablet Driver; Tablet Class Driver for Win2000/XP/Vista>
R3 UCTblHid (HID Tablet Port Driver) - c:\windows\system32\drivers\uctblhid.sys <Not Verified; Tablet Driver; Tablet HID Driver for Win2000/XP/Vista>

S0 BTHidEnum (Bluetooth HID Enumerator) - c:\windows\system32\drivers\vbtenum.sys (file missing)
S0 BTHidMgr (Bluetooth HID Manager Service) - c:\windows\system32\drivers\bthidmgr.sys (file missing)
S3 BlueletAudio (Bluetooth Audio Service) - c:\windows\system32\drivers\blueletaudio.sys (file missing)
S3 BlueletSCOAudio (Bluetooth SCO Audio Service) - c:\windows\system32\drivers\blueletscoaudio.sys (file missing)
S3 BT (Bluetooth PAN Network Adapter) - c:\windows\system32\drivers\btnetdrv.sys (file missing)
S3 Btcsrusb (Bluetooth USB For Bluetooth Service) - c:\windows\system32\drivers\btcusb.sys (file missing)
S3 MaRdPnp - c:\windows\system32\drivers\mardp2k.sys <Not Verified; Mobile Action Technology Inc.; Handset Manager>
S3 Tablet2k (Serial Tablet Port Driver) - "c:\windows\system32\drivers\tablet2k.sys" (file missing)
S3 VComm (Virtual Serial port driver) - c:\windows\system32\drivers\vcomm.sys (file missing)
S3 VcommMgr (Bluetooth VComm Manager Service) - c:\windows\system32\drivers\vcommmgr.sys (file missing)

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 BlueSoleilCS - c:\program files\ivt corporation\bluesoleil\bluesoleilcs.exe <Not Verified; ; BlueSoleilCS Module>
R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>
R2 nTuneService (nTune Service) - c:\program files\nvidia corporation\ntune\ntuneservice.exe /startservice <Not Verified; NVIDIA; NVIDIA nTune>
R2 StarWindServiceAE (StarWind AE Service) - c:\program files\alcohol soft\alcohol 120\starwind\starwindserviceae.exe <Not Verified; Rocket Division Software; StarWind Alcohol Edition>
R2 WinTabService (WinTab Service) - "c:\windows\system32\drivers\wtsrv.exe" <Not Verified; Tablet Driver; Tablet Driver for Win2000/XP/Vista>
R3 BsHelpCS - c:\program files\ivt corporation\bluesoleil\bshelpcs.exe <Not Verified; ; BsHelpCS Module>

S2 GoToMyPC - "c:\program files\citrix\gotomypc\g2svc.exe" -service (file missing)
S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe
S4 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>

-- Device Manager: Disabled ----------------------------------------------------

Class GUID:
Description: USB Device
Device ID: USB\VID_1131&PID_1001\7&EFBAEFF&0&3
Manufacturer:
Name: USB Device
PNP Device ID: USB\VID_1131&PID_1001\7&EFBAEFF&0&3
Service:

-- Scheduled Tasks -------------------------------------------------------------

2008-06-06 17:16:22 374 --a------ C:\WINDOWS\Tasks\1-Click Maintenance.job
2008-06-06 10:52:01 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

-- Files created between 2008-05-11 and 2008-06-11 -----------------------------

2008-06-11 16:28:20 0 d-------- C:\Program Files\Trend Micro
2008-06-11 16:21:24 0 dr-h----- C:\Documents and Settings\Mike\Recent
2008-06-02 21:59:30 0 d-------- C:\Documents and Settings\Mike\Application Data\tor
2008-06-02 21:58:39 0 d-------- C:\Documents and Settings\Mike\Application Data\Vidalia
2008-06-02 21:58:37 0 d-------- C:\Program Files\Vidalia Bundle
2008-05-26 22:04:43 0 d-------- C:\Program Files\Windows Media Connect 2
2008-05-26 22:03:23 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2008-05-26 21:31:36 0 d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-05-16 15:17:28 0 d-------- C:\Documents and Settings\All Users\Application Data\OrbNetworks
2008-05-16 15:17:25 0 d-------- C:\Program Files\Orb Networks

-- Find3M Report ---------------------------------------------------------------

2008-06-11 18:41:45 0 d-------- C:\Program Files\Mozilla Firefox2
2008-06-11 17:54:32 0 d-------- C:\Program Files\Trillian
2008-06-10 17:47:01 0 d-------- C:\Documents and Settings\Mike\Application Data\uTorrent
2008-06-04 15:05:25 0 d-------- C:\Program Files\LIVEUPDATE
2008-06-02 22:50:38 0 d-------- C:\Program Files\TrackMania Nations ESWC
2008-06-02 17:43:44 8 --a------ C:\WINDOWS\system32\nvModes.dat
2008-05-31 15:11:10 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-05-02 16:04:23 0 d-------- C:\Documents and Settings\Mike\Application Data\Azureus
2008-04-28 18:20:03 0 d-------- C:\Documents and Settings\Mike\Application Data\LimeWire
2008-04-28 17:59:39 0 d-------- C:\Documents and Settings\Mike\Application Data\Opera
2008-04-28 17:59:32 0 d-------- C:\Program Files\Opera
2008-04-28 15:41:03 0 d-------- C:\Documents and Settings\Mike\Application Data\InstallShield Installation Information
2008-04-28 15:31:22 0 d-------- C:\Program Files\Unreal Tournament 3
2008-04-28 15:30:28 0 d-------- C:\Program Files\AGEIA Technologies
2008-04-28 15:30:12 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-28 15:16:46 0 d-------- C:\Program Files\Azureus
2008-04-25 21:37:12 0 d-------- C:\Program Files\Safari
2008-04-25 21:36:14 0 d-------- C:\Program Files\Apple Software Update
2008-04-24 15:28:17 0 d-------- C:\Program Files\Common Files\TI Shared
2008-04-24 15:28:15 0 d-------- C:\Program Files\TI Education
2008-04-24 15:28:15 0 d-------- C:\Program Files\Common Files
2008-04-16 21:45:12 0 d-------- C:\Program Files\IDoser v4
2008-04-16 19:09:42 0 d-------- C:\Program Files\SBaGen
2008-04-14 23:19:22 0 d-------- C:\Documents and Settings\Mike\Application Data\Mozilla
2008-04-14 07:19:43 0 d-------- C:\Documents and Settings\Mike\Application Data\Purple Ghost Software, Inc
2008-04-14 07:19:30 0 d-------- C:\Program Files\Purple Ghost
2008-04-11 23:19:43 0 d-------- C:\Documents and Settings\Mike\Application Data\dvdcss
2008-04-11 15:13:35 0 d-------- C:\Program Files\iTunes
2008-04-11 15:13:27 0 d-------- C:\Program Files\iPod
2008-04-11 15:12:12 0 d-------- C:\Program Files\QuickTime

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [12/05/2007 02:41 AM]
"nwiz"="nwiz.exe" [12/05/2007 02:41 AM C:\WINDOWS\system32\nwiz.exe]
"SkyTel"="SkyTel.EXE" [05/17/2006 02:04 PM C:\WINDOWS\SkyTel.exe]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [10/27/2006 01:47 AM]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [07/15/2005 05:48 PM]
"RTHDCPL"="RTHDCPL.EXE" [01/31/2007 02:54 PM C:\WINDOWS\RTHDCPL.exe]
"Alcmtr"="ALCMTR.EXE" [05/04/2005 02:43 PM C:\WINDOWS\Alcmtr.exe]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [08/06/2007 08:05 PM]
"BtTray"="C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe" [09/10/2007 12:08 PM]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [01/12/2006 05:40 PM]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [12/05/2007 02:41 AM]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [06/28/2007 01:51 PM]
"Openwares LiveUpdate"="C:\Program Files\LiveUpdate\LiveUpdate.exe" [12/13/2003 01:17 PM]
"Aqua Dock"="C:\Program Files\Aqua Dock\Aqua Dock.exe" [11/01/2003 08:58 AM]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [05/20/2005 03:46 PM C:\WINDOWS\KHALMNPR.Exe]
"WTClient"="WTClient.exe" [04/11/2007 12:27 PM C:\WINDOWS\system32\WTClient.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [03/28/2008 11:37 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [03/30/2008 10:36 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 08:00 AM]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [01/10/2008 07:16 PM]
"TuneUp MemOptimizer"="C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" [01/08/2008 02:31 PM]
"Trillian"="C:\Program Files\Trillian\trillian.exe" [12/11/2007 01:00 AM]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [01/03/2008 09:54 AM]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [10/09/2006 12:28 PM]
"NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [09/04/2007 08:25 PM]
"WhatPulse"="C:\Program Files\WhatPulse\WhatPulse.exe" [08/21/2006 01:48 PM]
"Orb"="C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" [03/31/2008 09:54 PM]
"Vidalia"="C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe" [11/22/2007 05:49 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [1/10/2008 7:16:38 PM]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [1/10/2008 7:15:33 PM]
Privoxy.lnk - C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe [11/20/2006 10:30:54 AM]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E25C29AB-12B9-4523-A53C-324B5FBA648C}"= C:\DOCUME~1\Mike\LOCALS~1\Temp\dat3FD.tmp [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToMyPC]
C:\Program Files\Citrix\GoToMyPC\G2WinLogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll 01/31/2005 03:13 PM 49152 C:\PROGRA~1\COMMON~1\Stardock\MCPStub.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll 01/14/2008 02:01 AM 176128 C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=wbsys.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
"Comrade.exe"=C:\Program Files\GameSpy\Comrade\Comrade.exe
"Aim6"="C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ad1e885f-c08b-11dc-b846-001d601fbf68}]
AutoRun\command- E:\LaunchU3.exe -a

-- Hosts -----------------------------------------------------------------------

127.255.255.255 serial.alcohol-soft.com

-- End of Deckard's System Scanner: finished at 2008-06-11 18:44:37 ------------

EXTRA:

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel® Core(tm)2 Duo CPU E4500 @ 2.20GHz
CPU 1: Intel® Core(tm)2 Duo CPU E4500 @ 2.20GHz
Percentage of Memory in Use: 44%
Physical Memory (total/avail): 2047.17 MiB / 1139.64 MiB
Pagefile Memory (total/avail): 3942.97 MiB / 3375.67 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1912.47 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 298.08 GiB total, 148.88 GiB free.
D: is CDROM (No Media)
E: is Fixed (NTFS) - 76.69 GiB total, 68.92 GiB free.
F: is Removable (No Media)
G: is CDROM (No Media)
H: is CDROM (No Media)
I: is CDROM (No Media)
J: is CDROM (No Media)
K: is Removable (No Media)
L: is Removable (No Media)
M: is Removable (No Media)

\\.\PHYSICALDRIVE0 - ST3320620AS - 298.09 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 298.08 GiB - C:

\\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device

\\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device

\\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device

\\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device

\\.\PHYSICALDRIVE5 - HDS72808 0PLAT20 USB Device - 76.69 GiB - 1 partition
\PARTITION0 - Installable File System - 76.69 GiB - E:

-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.

FW: Kaspersky Internet Security v7.0.0.125 (Kaspersky Lab)
AV: Kaspersky Internet Security v7.0.0.125 (Kaspersky Lab)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:ÂµTorrent"
"C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"="C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger"
"C:\\UT2004Demo\\System\\UT2004.exe"="C:\\UT2004Demo\\System\\UT2004.exe:*:Enabled:UT2004"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\Trillian\\trillian.exe"="C:\\Program Files\\Trillian\\trillian.exe:*:Enabled:Trillian"
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe:*:Enabled:BlueSoleilCS"
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"="C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe:*:Enabled:Crysis_32"
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"="C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\Program Files\\Joost\\xulrunner\\tvprunner.exe"="C:\\Program Files\\Joost\\xulrunner\\tvprunner.exe:*:Enabled:tvprunner"
"C:\\Program Files\\mIRC\\mirc.exe"="C:\\Program Files\\mIRC\\mirc.exe:*:Enabled:mIRC"
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Unreal Tournament 3\\Binaries\\UT3.exe"="C:\\Program Files\\Unreal Tournament 3\\Binaries\\UT3.exe:*:Enabled:Unreal Tournament 3"
"C:\\Program Files\\Orb Networks\\Orb\\bin\\Orb.exe"="C:\\Program Files\\Orb Networks\\Orb\\bin\\Orb.exe:*:Enabled:Orb"
"C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbTray.exe"="C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbTray.exe:*:Enabled:OrbTray"
"C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbStreamerClient.exe"="C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Mike\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=MIKE-A450B5B799
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Mike
LOGONSERVER=\\MIKE-A450B5B799
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Program Files\Mozilla Firefox2;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\WINDOWS\system32
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 13, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0d
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Mike\LOCALS~1\Temp
TMP=C:\DOCUME~1\Mike\LOCALS~1\Temp
USERDOMAIN=MIKE-A450B5B799
USERNAME=Mike
USERPROFILE=C:\Documents and Settings\Mike
windir=C:\WINDOWS

-- User Profiles ---------------------------------------------------------------

Mike (admin)

-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {926CC8AE-8414-43DF-8EB4-CF26D9C3C663}
--> MsiExec /X{45235788-142C-44BE-8A4D-DDE9A84492E5}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ÂµTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Anchor Service CS3 --> MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3 --> MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3 --> MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting --> MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0 --> MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps --> MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific --> MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings --> MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings --> MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings --> MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings --> MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3 --> MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3 --> MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2 --> MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Fonts All --> MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3 --> MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Illustrator CS3 --> C:\Program Files\Common Files\Adobe\Installers\a04a925a57548091300ada368235fc6\Setup.exe
Adobe Illustrator CS3 --> MsiExec.exe /I{F08E8D2E-F132-4742-9C87-D5FF223A016A}
Adobe Linguistics CS3 --> MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files --> MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3 --> C:\Program Files\Common Files\Adobe\Installers\2ac78060bc5856b0c1cf873bb919b58\Setup.exe
Adobe Photoshop CS3 --> MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Setup --> MsiExec.exe /I{4F3E17F8-F1C8-4A4B-9EB8-1EE2D190CDA9}
Adobe Setup --> MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}
Adobe Stock Photos CS3 --> MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support --> MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3 --> MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client --> MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin --> MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3 --> MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
AGEIA PhysX v7.09.13 --> MsiExec.exe /X{45235788-142C-44BE-8A4D-DDE9A84492E5}
AIM 6 --> C:\Program Files\AIM6\uninst.exe
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
Aqua Dock --> C:\Program Files\Aqua Dock\uninstall.exe
ASUSUpdate --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\Setup.exe" -l0x9
Audiosurf Beta --> "C:\Program Files\Audiosurf\unins000.exe"
Azureus Vuze --> C:\Program Files\Azureus\uninstall.exe
Bluesoleil 5.0.5.178 --> MsiExec.exe /X{1E726A53-78E9-47DE-B3D9-4165CBC9ABBF}
Call of Duty® 2 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D0A05794-48C2-4424-A15A-9F20FCFDD374} /l1033
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
Crysis® --> MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4}
EVE2.5 --> C:\Program Files\EVE2.5\uninstall.exe
EVGA Display Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEF3EFE7-5159-436D-9BF0-CCC633179EB4}\Setup.exe" -l0x9 -removeonly
FontCreator 5.6 --> "C:\Program Files\High-Logic\FontCreator\unins000.exe"
Foxit Reader --> C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
Frets On Fire --> "C:\Program Files\Frets on Fire\Uninstall.exe"
Google Gmail Notifier --> "C:\Program Files\Google\Gmail Notifier\UninstallGmail.exe"
GoToMyPC --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58F4D4FD-1814-4068-B316-C28FC776C6DD}\Setup.exe" -l0x9 AddRemovePrograms
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
I-Doser v4 --> C:\Program Files\IDoser v4\Uninstal.exe
iGadget 4.4.0.0 --> "C:\Program Files\Purple Ghost\iGadget\unins000.exe"
iPod 2 iTunes --> MsiExec.exe /I{BFEE0972-87B6-4A9C-83F2-C0DE04B9D28F}
iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
Java DB 10.3.1.4 --> MsiExec.exe /X{CD49361E-3FE6-457E-90A1-9C59E29B5D02}
Java(tm) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(tm) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(tm) SE Development Kit 6 Update 5 --> MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160050}
Joost (tm) Beta 1.0.3 --> C:\Program Files\Joost\uninst.exe
Kaspersky Internet Security 7.0 --> MsiExec.exe /I{C774410D-3EF9-4DE7-AC01-332613163ECF}
Kaspersky Internet Security 7.0 --> MsiExec.exe /I{C774410D-3EF9-4DE7-AC01-332613163ECF}
Logitech Desktop Messenger --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.exe" -l0x9 UNINSTALL -removeonly
Logitech SetPoint --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x9 -removeonly
Mediaphone Expert --> MsiExec.exe /X{D19A765C-8230-466F-9FD9-3DB7B56E83E5}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
mIRC --> C:\Program Files\mIRC\uninstall.exe _?=C:\Program Files\mIRC
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox2\uninstall\helper.exe
Need for Speedâ„¢ Carbon --> C:\Program Files\Electronic Arts\Need for Speed Carbon\EAUninstall.exe
Nero 7 Ultra Edition --> MsiExec.exe /I{F14B8ECC-BDA0-4987-9201-D7B7DBE11033}
NVIDIA Drivers --> C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA nTune --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF} /l1033
ObjectDock Plus --> C:\PROGRA~1\Stardock\OBJECT~2\objectdock.exe /uninstall
Opera 9.27 --> MsiExec.exe /X{503D6E3E-1A48-44F5-BB7C-EB3B593FAED0}
Orb --> "C:\Program Files\Orb Networks\Orb\uninstall.exe"
PDF Settings --> MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PodPlus 1.1.0.0 --> "C:\Program Files\Purple Ghost\PodPlus\unins000.exe"
PowerISO --> "C:\Program Files\PowerISO\uninstall.exe"
Privoxy 3.0.6 --> "C:\Program Files\Vidalia Bundle\Unins

Tech Clinic / Sudden problems with Windows

« on: June 11, 2008, 03:18:43 PM »

Just recently I've gotten crazy reports coming from Kaspersky on the same problem. I forget exactly but here's the Hijackthis log. When I see it again I'll edit.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:28:37 PM, on 6/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\System32\Drivers\WTSRV.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Aqua Dock\Aqua Dock.exe
C:\WINDOWS\system32\WTClient.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe
C:\Program Files\Trillian\trillian.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\WhatPulse\WhatPulse.exe
C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe
C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Orb Networks\Orb\bin\Orb.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Vidalia Bundle\Tor\tor.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Aware2007.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Mozilla Firefox2\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.picture.com/voteforme/photovote...;LVT=10&CK=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [Aqua Dock] C:\Program Files\Aqua Dock\Aqua Dock.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [WTClient] WTClient.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [Trillian] C:\Program Files\Trillian\trillian.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe
O4 - HKCU\..\Run: [Orb] C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Privoxy.lnk = C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O18 - Protocol: bw+0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: offline-8876480 - {B65AA931-6691-40F8-B439-685C50C9D9F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: wbsys.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoToMyPC - Unknown owner - C:\Program Files\Citrix\GoToMyPC\g2svc.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Mike/LOCALS~1/Temp/msohtmlclip1/01/clip_image002.jpg

--
End of file - 21764 bytes

EDIT: Also, while looking though this I realized I didn't see what I kept getting errors with before.. cause I would've noticed it if I saw it.

EDIT2: Just got the pop up from Kaspersky. IadHide5.dll is trying to access the running process C;\WINDOWS\system32\rundll32.exe

Referrals/Free iPods Forum / NEEDS IPOD REFERRALS!!!

« on: March 12, 2006, 08:49:30 PM »

ok, because of the stupid TOS on freepay...i really need 4 more for http://ipods.freepay.com/?r=26139628 this is really hard cuz a lot of people have done it already but if your willing to trade PM me!

Referrals/Free iPods Forum / WILL TRADE REFS

« on: March 12, 2006, 08:38:25 PM »

i hav 1 so far and 1 who says they completed and are waiting... so hopefully 2...and i need 3 more by the 30th..stupid TOS

Referrals/Free iPods Forum / WILL TRADE REFS

« on: March 12, 2006, 07:30:25 PM »

damn i need the freeipod one! this one is so hard cuz everyone starts with it

Tech Clinic / HJT log for desktp recovery problem

« on: March 11, 2006, 11:30:12 PM »

i did run windows cleanup! and got 1gb cleaned?(i think thats wat it said...or freed)

my desktop is fine now, thanks

Tech Clinic / HJT log for desktp recovery problem

« on: March 11, 2006, 06:39:31 PM »

Logfile of HijackThis v1.99.1
Scan saved at 6:37:47 PM, on 3/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\NCLAUNCH.EXe
C:\Program Files\CursorXP\CursorXP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...arm1=seconduser
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...arm1=seconduser
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...arm1=seconduser
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...arm1=seconduser
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aimtoday.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...arm1=seconduser
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...arm1=seconduser
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...arm1=seconduser
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...arm1=seconduser
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...arm1=seconduser
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...arm1=seconduser
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Synchronization Agent] "C:\Program Files\Sync Manager Demo\agent\syncagent.exe"
O4 - HKLM\..\Run: [WAKE UP!!! Clock] C:\Program Files\OwenSoft Creations\WAKE UP!!! Clock\WAKEUP.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: RollerCoaster Tycoon 3 Registration.lnk = C:\Documents and Settings\HP_Owner\Local Settings\Temp\{0286CC0D-17F3-460F-A9CD-C1963E1D2252}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on:         6:30:58 PM, 3/11/2006
+ Report-Checksum:      FE5FB212

+ Scan result:

   HKLM\SOFTWARE\Classes\CLSID\{364B6276-C6C1-40B6-A6D7-6C48871FD707} -> Adware.Accoona : Cleaned with backup
   HKLM\SOFTWARE\Classes\CLSID\{944864A5-3916-46E2-96A9-A2E84F3F1208} -> Adware.Accoona : Cleaned with backup
   HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : Cleaned with backup
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{944864A5-3916-46E2-96A9-A2E84F3F1208} -> Adware.Accoona : Cleaned with backup
   HKU\S-1-5-21-4203534055-2140320223-256651928-1009\Software\KMiNT21 -> Adware.DesktopSpyAgent : Cleaned with backup
   HKU\S-1-5-21-4203534055-2140320223-256651928-1009\Software\KMiNT21\PersonalInspector -> Adware.DesktopSpyAgent : Cleaned with backup
   HKU\S-1-5-21-4203534055-2140320223-256651928-1009\Software\Microsoft\Internet Explorer\URLSearchHooks\{944864A5-3916-46E2-96A9-A2E84F3F1208} -> Adware.Accoona : Cleaned with backup
   HKU\S-1-5-21-4203534055-2140320223-256651928-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{364B6276-C6C1-40B6-A6D7-6C48871FD707} -> Adware.Accoona : Cleaned with backup
   HKU\S-1-5-21-4203534055-2140320223-256651928-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{56F1D444-11BF-4879-A12B-79CF0177F038} -> Adware.180Solutions : Cleaned with backup
   HKU\S-1-5-21-4203534055-2140320223-256651928-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5929CD6E-2062-44A4-B2C5-2C7E78FBAB38} -> Adware.Generic : Cleaned with backup
   HKU\S-1-5-21-4203534055-2140320223-256651928-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{944864A5-3916-46E2-96A9-A2E84F3F1208} -> Adware.Accoona : Cleaned with backup
   HKU\S-1-5-21-4203534055-2140320223-256651928-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EA0D26BD-9029-431A-86E0-83152D67828A} -> Adware.180Solutions : Cleaned with backup
   :mozilla.19:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
   :mozilla.20:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Linksynergy : Cleaned with backup
   :mozilla.21:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Linksynergy : Cleaned with backup
   :mozilla.22:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Linksynergy : Cleaned with backup
   :mozilla.29:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
   :mozilla.30:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
   :mozilla.31:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
   :mozilla.58:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
   :mozilla.59:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
   :mozilla.60:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
   :mozilla.61:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
   :mozilla.62:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
   :mozilla.63:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
   :mozilla.64:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
   :mozilla.65:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
   :mozilla.66:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
   :mozilla.67:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
   :mozilla.68:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
   :mozilla.69:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
   :mozilla.73:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.74:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.75:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.76:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.77:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.78:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.79:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.80:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.81:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.82:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.83:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned with backup
   :mozilla.84:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.85:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.86:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.101:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Clickbank : Cleaned with backup
   :mozilla.102:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
   :mozilla.105:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
   :mozilla.106:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
   :mozilla.107:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
   :mozilla.108:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
   :mozilla.109:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
   :mozilla.110:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
   :mozilla.115:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.116:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.117:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.118:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.119:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
   :mozilla.121:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.130:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
   :mozilla.131:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
   :mozilla.164:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.166:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
   :mozilla.167:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.168:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.169:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.170:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
   :mozilla.171:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
   :mozilla.172:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
   :mozilla.173:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
   :mozilla.174:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
   :mozilla.175:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
   :mozilla.176:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
   :mozilla.177:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
   :mozilla.178:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
   :mozilla.190:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
   :mozilla.191:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
   :mozilla.193:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
   :mozilla.194:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
   :mozilla.197:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
   :mozilla.198:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
   :mozilla.199:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
   :mozilla.200:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
   :mozilla.201:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
   :mozilla.202:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
   :mozilla.203:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
   :mozilla.204:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
   :mozilla.205:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
   :mozilla.206:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
   :mozilla.207:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
   :mozilla.212:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
   :mozilla.214:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
   :mozilla.215:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
   :mozilla.216:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
   :mozilla.217:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
   :mozilla.220:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
   :mozilla.222:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
   :mozilla.223:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
   :mozilla.224:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
   :mozilla.225:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
   :mozilla.228:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
   :mozilla.229:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
   :mozilla.230:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
   :mozilla.231:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
   :mozilla.232:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
   :mozilla.233:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
   :mozilla.234:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
   :mozilla.253:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.254:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.255:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.256:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.257:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.258:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.259:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.260:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.261:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.263:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
   :mozilla.264:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
   :mozilla.265:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
   :mozilla.266:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
   :mozilla.267:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
   :mozilla.268:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
   :mozilla.269:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
   :mozilla.288:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.289:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.290:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.291:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.292:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.293:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.294:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.295:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.296:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.297:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.298:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.299:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.300:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.301:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.302:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.303:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.304:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.305:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.306:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.307:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.308:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.309:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.310:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.311:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.312:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.313:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.314:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.315:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.316:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.317:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.318:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.319:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.320:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.321:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.322:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.323:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.324:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.325:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.326:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.327:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.328:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.329:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.330:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.331:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.332:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.333:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.334:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.335:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.336:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.337:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.355:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
   :mozilla.362:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
   :mozilla.363:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
   :mozilla.403:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup
   :mozilla.412:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Tracking101 : Cleaned with backup
   :mozilla.422:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.445:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup
   :mozilla.451:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Hotlog : Cleaned with backup
   :mozilla.463:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
   :mozilla.464:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
   :mozilla.465:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
   :mozilla.503:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
   :mozilla.504:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
   :mozilla.505:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
   :mozilla.506:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
   :mozilla.557:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Com : Cleaned with backup
   :mozilla.558:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Com : Cleaned with backup
   :mozilla.588:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Hypertracker : Cleaned with backup
   :mozilla.618:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Paycounter : Cleaned with backup
   :mozilla.619:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.638:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
   :mozilla.639:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
   :mozilla.640:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
   :mozilla.641:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
   :mozilla.642:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
   :mozilla.676:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
   :mozilla.677:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
   :mozilla.678:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
   :mozilla.679:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
   :mozilla.693:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
   :mozilla.694:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
   :mozilla.695:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
   :mozilla.696:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
   :mozilla.704:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Clickhype : Cleaned with backup
   :mozilla.710:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
   :mozilla.711:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
   :mozilla.712:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
   :mozilla.713:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
   :mozilla.714:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
   :mozilla.738:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
   :mozilla.748:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
   :mozilla.749:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
   :mozilla.766:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Realtracker : Cleaned with backup
   :mozilla.767:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Realtracker : Cleaned with backup
   :mozilla.781:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Directnetadvertising : Cleaned with backup
   :mozilla.786:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Epilot : Cleaned with backup
   :mozilla.787:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
   :mozilla.788:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
   :mozilla.789:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\owrsjoep.Mike\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
   C:\Program Files\MediaGateway\Updater.exe -> Adware.WinAD : Cleaned with backup
   C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : Cleaned with backup

::Report End

i couldnt find O2 - BHO: Accoona Search Assistant - {944864A5-3916-46E2-96A9-A2E84F3F1208} - C:\Program Files\Accoona\ASearchAssist.dll (file missing)

Software / desktop

« on: March 10, 2006, 03:37:42 PM »

i accidently posted it under my friends name, supraskater, cuz he was on here yesterday and forgot to log off

Referrals/Free iPods Forum / FREE iPod Nano! No credit card required!

« on: March 09, 2006, 06:45:33 PM »

cool nowMORE PEOPLE SIGN UP!!!

Referrals/Free iPods Forum / Trading Referrals

« on: March 08, 2006, 06:18:09 PM »

a4f?

Referrals/Free iPods Forum / trading referrals...

« on: March 08, 2006, 06:15:27 PM »

i dont really need the flatscreens one cuz freepay went gay and gives u only til the end of the month, i really did that jus cuz of getting money, but scammed again...

i really need the ipods one but u already did that, did u sign up for the nonCC one? for the nano? i need that...

can u do the $300?

Software / desktop

« on: March 08, 2006, 06:07:18 PM »

everytime i start up my computer, i get a thing that says my desktop is lost or something like that and i hafta click something to get it back...is this because of a virus of something or just my computer being retarted?

Referrals/Free iPods Forum / Trading Referrals

« on: March 08, 2006, 06:05:35 PM »

ive talked to him before, goddamnit, i canceled, and now i dont hav my ipod referral, ne1 else wana trade?

Referrals/Free iPods Forum / trading referrals...

« on: March 08, 2006, 06:04:08 PM »

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/smile.gif\' class=\'bbc_emoticon\' alt=\'

\' />

Pages: [1] 2

TheTechGuide Forum

News:

Show Posts

Messages - emerica

Tech Clinic / Sudden problems with Windows

Tech Clinic / Sudden problems with Windows

Tech Clinic / Sudden problems with Windows

Tech Clinic / Sudden problems with Windows

Referrals/Free iPods Forum / NEEDS IPOD REFERRALS!!!

Referrals/Free iPods Forum / WILL TRADE REFS

Referrals/Free iPods Forum / WILL TRADE REFS

Tech Clinic / HJT log for desktp recovery problem

Tech Clinic / HJT log for desktp recovery problem

Software / desktop

Referrals/Free iPods Forum / FREE iPod Nano! No credit card required!

Referrals/Free iPods Forum / Trading Referrals

Referrals/Free iPods Forum / trading referrals...

Software / desktop

Referrals/Free iPods Forum / Trading Referrals

Referrals/Free iPods Forum / trading referrals...

Referrals/Free iPods Forum / FREE iPod Nano! No credit card required!

Referrals/Free iPods Forum / FREE iPod Nano! No credit card required!

Referrals/Free iPods Forum / FREE iPod Nano! No credit card required!

Referrals/Free iPods Forum / FREE iPod Nano! No credit card required!